diff options
author | Andrew Tridgell <tridge@samba.org> | 2004-10-29 09:28:35 +0000 |
---|---|---|
committer | Gerald (Jerry) Carter <jerry@samba.org> | 2007-10-10 13:05:01 -0500 |
commit | 9752471973007289fb7659f0311cd316b401c034 (patch) | |
tree | 653b5a7ed3f9736632d8e0339fa03bf4a205dfc9 | |
parent | b448bd5b5e430684a9f3c78ebe8d13fdedb20810 (diff) | |
download | samba-9752471973007289fb7659f0311cd316b401c034.tar.gz samba-9752471973007289fb7659f0311cd316b401c034.tar.xz samba-9752471973007289fb7659f0311cd316b401c034.zip |
r3363: added basic support for SA_RIGHT_FILE_EXECUTE, needed for opening .dll files
(This used to be commit ba1bfd51e1b694cb69afe559f695addaf03b4d81)
-rw-r--r-- | source4/include/rpc_secdes.h | 1 | ||||
-rw-r--r-- | source4/ntvfs/common/opendb.c | 26 | ||||
-rw-r--r-- | source4/ntvfs/posix/pvfs_open.c | 30 | ||||
-rw-r--r-- | source4/ntvfs/posix/pvfs_read.c | 2 |
4 files changed, 33 insertions, 26 deletions
diff --git a/source4/include/rpc_secdes.h b/source4/include/rpc_secdes.h index 3c56d6cb82e..3418c432f1e 100644 --- a/source4/include/rpc_secdes.h +++ b/source4/include/rpc_secdes.h @@ -156,6 +156,7 @@ typedef struct security_descriptor SEC_DESC; #define SA_RIGHT_FILE_DELETE_CHILD 0x00000040 #define SA_RIGHT_FILE_READ_ATTRIBUTES 0x00000080 #define SA_RIGHT_FILE_WRITE_ATTRIBUTES 0x00000100 +#define SA_RIGHT_FILE_READ_EXEC (SA_RIGHT_FILE_READ_DATA|SA_RIGHT_FILE_EXECUTE) #define SA_RIGHT_FILE_ALL_ACCESS 0x000001FF diff --git a/source4/ntvfs/common/opendb.c b/source4/ntvfs/common/opendb.c index c2c80757715..dfb1177eae3 100644 --- a/source4/ntvfs/common/opendb.c +++ b/source4/ntvfs/common/opendb.c @@ -154,10 +154,14 @@ static BOOL share_conflict(struct odb_entry *e1, struct odb_entry *e2) /* if either open involves no read.write or delete access then it can't conflict */ - if (!(e1->access_mask & (SA_RIGHT_FILE_WRITE_DATA | SA_RIGHT_FILE_READ_DATA | STD_RIGHT_DELETE_ACCESS))) { + if (!(e1->access_mask & (SA_RIGHT_FILE_WRITE_DATA | + SA_RIGHT_FILE_READ_EXEC | + STD_RIGHT_DELETE_ACCESS))) { return False; } - if (!(e2->access_mask & (SA_RIGHT_FILE_WRITE_DATA | SA_RIGHT_FILE_READ_DATA | STD_RIGHT_DELETE_ACCESS))) { + if (!(e2->access_mask & (SA_RIGHT_FILE_WRITE_DATA | + SA_RIGHT_FILE_READ_EXEC | + STD_RIGHT_DELETE_ACCESS))) { return False; } @@ -165,11 +169,19 @@ static BOOL share_conflict(struct odb_entry *e1, struct odb_entry *e2) CHECK_MASK(e1->access_mask, e2->share_access, SA_RIGHT_FILE_WRITE_DATA, NTCREATEX_SHARE_ACCESS_WRITE); CHECK_MASK(e2->access_mask, e1->share_access, SA_RIGHT_FILE_WRITE_DATA, NTCREATEX_SHARE_ACCESS_WRITE); - CHECK_MASK(e1->access_mask, e2->share_access, SA_RIGHT_FILE_READ_DATA, NTCREATEX_SHARE_ACCESS_READ); - CHECK_MASK(e2->access_mask, e1->share_access, SA_RIGHT_FILE_READ_DATA, NTCREATEX_SHARE_ACCESS_READ); - - CHECK_MASK(e1->access_mask, e2->share_access, STD_RIGHT_DELETE_ACCESS, NTCREATEX_SHARE_ACCESS_DELETE); - CHECK_MASK(e2->access_mask, e1->share_access, STD_RIGHT_DELETE_ACCESS, NTCREATEX_SHARE_ACCESS_DELETE); + CHECK_MASK(e1->access_mask, e2->share_access, + SA_RIGHT_FILE_READ_EXEC, + NTCREATEX_SHARE_ACCESS_READ); + CHECK_MASK(e2->access_mask, e1->share_access, + SA_RIGHT_FILE_READ_EXEC, + NTCREATEX_SHARE_ACCESS_READ); + + CHECK_MASK(e1->access_mask, e2->share_access, + STD_RIGHT_DELETE_ACCESS, + NTCREATEX_SHARE_ACCESS_DELETE); + CHECK_MASK(e2->access_mask, e1->share_access, + STD_RIGHT_DELETE_ACCESS, + NTCREATEX_SHARE_ACCESS_DELETE); /* if a delete is pending then a second open is not allowed */ if ((e1->create_options & NTCREATEX_OPTIONS_DELETE_ON_CLOSE) || diff --git a/source4/ntvfs/posix/pvfs_open.c b/source4/ntvfs/posix/pvfs_open.c index 1575ca82c1a..73514f81b7c 100644 --- a/source4/ntvfs/posix/pvfs_open.c +++ b/source4/ntvfs/posix/pvfs_open.c @@ -289,16 +289,13 @@ static NTSTATUS pvfs_create_file(struct pvfs_state *pvfs, access_mask = GENERIC_RIGHTS_FILE_READ | GENERIC_RIGHTS_FILE_WRITE; } - switch (access_mask & (SA_RIGHT_FILE_READ_DATA | SA_RIGHT_FILE_WRITE_DATA)) { - case SA_RIGHT_FILE_READ_DATA: - flags = O_RDONLY; - break; - case SA_RIGHT_FILE_WRITE_DATA: - flags = O_WRONLY; - break; - case SA_RIGHT_FILE_WRITE_DATA|SA_RIGHT_FILE_READ_DATA: + if ((access_mask & SA_RIGHT_FILE_READ_EXEC) && + (access_mask & SA_RIGHT_FILE_WRITE_DATA)) { flags = O_RDWR; - break; + } else if (access_mask & SA_RIGHT_FILE_WRITE_DATA) { + flags = O_WRONLY; + } else { + flags = O_RDONLY; } f = talloc_p(req, struct pvfs_file); @@ -493,16 +490,13 @@ NTSTATUS pvfs_open(struct ntvfs_module_context *ntvfs, return NT_STATUS_INVALID_PARAMETER; } - switch (access_mask & (SA_RIGHT_FILE_READ_DATA | SA_RIGHT_FILE_WRITE_DATA)) { - case SA_RIGHT_FILE_READ_DATA: - flags |= O_RDONLY; - break; - case SA_RIGHT_FILE_WRITE_DATA: - flags |= O_WRONLY; - break; - case SA_RIGHT_FILE_WRITE_DATA|SA_RIGHT_FILE_READ_DATA: + if ((access_mask & SA_RIGHT_FILE_READ_EXEC) && + (access_mask & SA_RIGHT_FILE_WRITE_DATA)) { flags |= O_RDWR; - break; + } else if (access_mask & SA_RIGHT_FILE_WRITE_DATA) { + flags |= O_WRONLY; + } else { + flags |= O_RDONLY; } /* handle creating a new file separately */ diff --git a/source4/ntvfs/posix/pvfs_read.c b/source4/ntvfs/posix/pvfs_read.c index b36840cb15c..734134368de 100644 --- a/source4/ntvfs/posix/pvfs_read.c +++ b/source4/ntvfs/posix/pvfs_read.c @@ -48,7 +48,7 @@ NTSTATUS pvfs_read(struct ntvfs_module_context *ntvfs, return NT_STATUS_FILE_IS_A_DIRECTORY; } - if (!(f->access_mask & SA_RIGHT_FILE_READ_DATA)) { + if (!(f->access_mask & SA_RIGHT_FILE_READ_EXEC)) { return NT_STATUS_ACCESS_VIOLATION; } |